From b9a7329efd5445e876e7aedab922aafc8f64fe9e Mon Sep 17 00:00:00 2001 From: nom3ad <19239479+nom3ad@users.noreply.github.com> Date: Mon, 11 Oct 2021 21:45:26 +0530 Subject: [PATCH 1/5] chore(elasticsearch): add more tests on domain construct --- .../aws-elasticsearch/test/domain.test.ts | 46 ++++++++++++++++++- 1 file changed, 45 insertions(+), 1 deletion(-) diff --git a/packages/@aws-cdk/aws-elasticsearch/test/domain.test.ts b/packages/@aws-cdk/aws-elasticsearch/test/domain.test.ts index 6966882c55549..0bc73d10f0a53 100644 --- a/packages/@aws-cdk/aws-elasticsearch/test/domain.test.ts +++ b/packages/@aws-cdk/aws-elasticsearch/test/domain.test.ts @@ -1383,7 +1383,7 @@ describe('custom error responses', () => { })).toThrow(/Node-to-node encryption requires Elasticsearch version 6.0 or later/); }); - test('error when i3 instance types are specified with EBS enabled', () => { + test('error when i3 or r6g instance types are specified with EBS enabled', () => { expect(() => new Domain(stack, 'Domain1', { version: ElasticsearchVersion.V7_4, capacity: { @@ -1394,6 +1394,16 @@ describe('custom error responses', () => { volumeType: EbsDeviceVolumeType.GENERAL_PURPOSE_SSD, }, })).toThrow(/I3 and R6GD instance types do not support EBS storage volumes/); + expect(() => new Domain(stack, 'Domain2', { + version: ElasticsearchVersion.V7_4, + capacity: { + dataNodeInstanceType: 'r6gd.large.elasticsearch', + }, + ebs: { + volumeSize: 100, + volumeType: EbsDeviceVolumeType.GENERAL_PURPOSE_SSD, + }, + })).toThrow(/I3 and R6GD instance types do not support EBS storage volumes/); }); test('error when m3, r3, or t2 instance types are specified with encryption at rest enabled', () => { @@ -1446,6 +1456,40 @@ describe('custom error responses', () => { masterNodeInstanceType: 'm5.large.elasticsearch', }, })).toThrow(/EBS volumes are required when using instance types other than r3, i3 or r6gd/); + expect(() => new Domain(stack, 'Domain2', { + version: ElasticsearchVersion.V7_4, + ebs: { + enabled: false, + }, + capacity: { + dataNodeInstanceType: 'm5.large.elasticsearch', + }, + })).toThrow(/EBS volumes are required when using instance types other than r3, i3 or r6gd/); + }); + + test('can use compatible master instance types that does not have local storage when data node type is i3 or r6gd', () => { + new Domain(stack, 'Domain1', { + version: ElasticsearchVersion.V7_4, + ebs: { + enabled: false, + }, + capacity: { + masterNodeInstanceType: 'c5.2xlarge.elasticsearch', + dataNodeInstanceType: 'i3.2xlarge.elasticsearch', + }, + }); + new Domain(stack, 'Domain2', { + version: ElasticsearchVersion.V7_4, + ebs: { + enabled: false, + }, + capacity: { + masterNodes: 3, + masterNodeInstanceType: 'c6g.large.elasticsearch', + dataNodeInstanceType: 'r6gd.large.elasticsearch', + }, + }); + expect(stack).toCountResources('AWS::Elasticsearch::Domain', 2); }); test('error when availabilityZoneCount is not 2 or 3', () => { From 93863e4a2b149b2c050d937d527ababd3895a47f Mon Sep 17 00:00:00 2001 From: nom3ad <19239479+nom3ad@users.noreply.github.com> Date: Mon, 11 Oct 2021 21:46:50 +0530 Subject: [PATCH 2/5] fix(elasticsearch): validate ebs configuration only for data nodes --- packages/@aws-cdk/aws-elasticsearch/lib/domain.ts | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/packages/@aws-cdk/aws-elasticsearch/lib/domain.ts b/packages/@aws-cdk/aws-elasticsearch/lib/domain.ts index 842071fa0ec68..0d42cb37b2c94 100644 --- a/packages/@aws-cdk/aws-elasticsearch/lib/domain.ts +++ b/packages/@aws-cdk/aws-elasticsearch/lib/domain.ts @@ -1408,9 +1408,8 @@ export class Domain extends DomainBase implements IDomain, ec2.IConnectable { return instanceTypes.some(isInstanceType); }; - function isEveryInstanceType(...instanceTypes: string[]): Boolean { - return instanceTypes.some(t => dedicatedMasterType.startsWith(t)) - && instanceTypes.some(t => instanceType.startsWith(t)); + function isEveryDatanodeInstanceType(...instanceTypes: string[]): Boolean { + return instanceTypes.some(t => instanceType.startsWith(t)); }; // Validate feature support for the given Elasticsearch version, per @@ -1469,7 +1468,7 @@ export class Domain extends DomainBase implements IDomain, ec2.IConnectable { // Only R3, I3 and r6gd support instance storage, per // https://aws.amazon.com/elasticsearch-service/pricing/ - if (!ebsEnabled && !isEveryInstanceType('r3', 'i3', 'r6gd')) { + if (!ebsEnabled && !isEveryDatanodeInstanceType('r3', 'i3', 'r6gd')) { throw new Error('EBS volumes are required when using instance types other than r3, i3 or r6gd.'); } From 54418789b847c32bfb223702e0653cbae5593dbd Mon Sep 17 00:00:00 2001 From: nom3ad <19239479+nom3ad@users.noreply.github.com> Date: Mon, 11 Oct 2021 22:07:24 +0530 Subject: [PATCH 3/5] fix(opensearch): correctly vaidate ebs configuration --- .../aws-opensearchservice/lib/domain.ts | 7 ++- .../aws-opensearchservice/test/domain.test.ts | 46 ++++++++++++++++++- 2 files changed, 48 insertions(+), 5 deletions(-) diff --git a/packages/@aws-cdk/aws-opensearchservice/lib/domain.ts b/packages/@aws-cdk/aws-opensearchservice/lib/domain.ts index 1279d9525f831..97b96f4813328 100644 --- a/packages/@aws-cdk/aws-opensearchservice/lib/domain.ts +++ b/packages/@aws-cdk/aws-opensearchservice/lib/domain.ts @@ -1325,9 +1325,8 @@ export class Domain extends DomainBase implements IDomain, ec2.IConnectable { return instanceTypes.some(isInstanceType); }; - function isEveryInstanceType(...instanceTypes: string[]): Boolean { - return instanceTypes.some(t => dedicatedMasterType.startsWith(t)) - && instanceTypes.some(t => instanceType.startsWith(t)); + function isEveryDatanodeInstanceType(...instanceTypes: string[]): Boolean { + return instanceTypes.some(t => instanceType.startsWith(t)); }; // Validate feature support for the given Elasticsearch/OpenSearch version, per @@ -1401,7 +1400,7 @@ export class Domain extends DomainBase implements IDomain, ec2.IConnectable { // Only R3, I3 and r6gd support instance storage, per // https://aws.amazon.com/opensearch-service/pricing/ - if (!ebsEnabled && !isEveryInstanceType('r3', 'i3', 'r6gd')) { + if (!ebsEnabled && !isEveryDatanodeInstanceType('r3', 'i3', 'r6gd')) { throw new Error('EBS volumes are required when using instance types other than r3, i3 or r6gd.'); } diff --git a/packages/@aws-cdk/aws-opensearchservice/test/domain.test.ts b/packages/@aws-cdk/aws-opensearchservice/test/domain.test.ts index 4ad11ac372f97..84e7ba12167fc 100644 --- a/packages/@aws-cdk/aws-opensearchservice/test/domain.test.ts +++ b/packages/@aws-cdk/aws-opensearchservice/test/domain.test.ts @@ -1385,7 +1385,7 @@ describe('custom error responses', () => { })).toThrow(/Node-to-node encryption requires Elasticsearch version 6.0 or later or OpenSearch version 1.0 or later/); }); - test('error when i3 instance types are specified with EBS enabled', () => { + test('error when i3 or r6g instance types are specified with EBS enabled', () => { expect(() => new Domain(stack, 'Domain1', { version: defaultVersion, capacity: { @@ -1396,6 +1396,16 @@ describe('custom error responses', () => { volumeType: EbsDeviceVolumeType.GENERAL_PURPOSE_SSD, }, })).toThrow(/I3 and R6GD instance types do not support EBS storage volumes/); + expect(() => new Domain(stack, 'Domain2', { + version: defaultVersion, + capacity: { + dataNodeInstanceType: 'r6gd.large.search', + }, + ebs: { + volumeSize: 100, + volumeType: EbsDeviceVolumeType.GENERAL_PURPOSE_SSD, + }, + })).toThrow(/I3 and R6GD instance types do not support EBS storage volumes/); }); test('error when m3, r3, or t2 instance types are specified with encryption at rest enabled', () => { @@ -1448,6 +1458,40 @@ describe('custom error responses', () => { masterNodeInstanceType: 'm5.large.search', }, })).toThrow(/EBS volumes are required when using instance types other than r3, i3 or r6gd/); + expect(() => new Domain(stack, 'Domain2', { + version: defaultVersion, + ebs: { + enabled: false, + }, + capacity: { + dataNodeInstanceType: 'm5.large.search', + }, + })).toThrow(/EBS volumes are required when using instance types other than r3, i3 or r6gd/); + }); + + test('can use compatible master instance types that does not have local storage when data node type is i3 or r6gd', () => { + new Domain(stack, 'Domain1', { + version: defaultVersion, + ebs: { + enabled: false, + }, + capacity: { + masterNodeInstanceType: 'c5.2xlarge.search', + dataNodeInstanceType: 'i3.2xlarge.search', + }, + }); + new Domain(stack, 'Domain2', { + version: defaultVersion, + ebs: { + enabled: false, + }, + capacity: { + masterNodes: 3, + masterNodeInstanceType: 'c6g.large.search', + dataNodeInstanceType: 'r6gd.large.search', + }, + }); + expect(stack).toCountResources('AWS::OpenSearchService::Domain', 2); }); test('error when availabilityZoneCount is not 2 or 3', () => { From 81e549bdaf0c8de2bda359e8853c0b98bfc6c5c0 Mon Sep 17 00:00:00 2001 From: kaizen3031593 <36202692+kaizen3031593@users.noreply.github.com> Date: Fri, 19 Nov 2021 17:13:17 -0500 Subject: [PATCH 4/5] Update packages/@aws-cdk/aws-elasticsearch/test/domain.test.ts --- packages/@aws-cdk/aws-elasticsearch/test/domain.test.ts | 1 + 1 file changed, 1 insertion(+) diff --git a/packages/@aws-cdk/aws-elasticsearch/test/domain.test.ts b/packages/@aws-cdk/aws-elasticsearch/test/domain.test.ts index 0bc73d10f0a53..191657ff2ffe9 100644 --- a/packages/@aws-cdk/aws-elasticsearch/test/domain.test.ts +++ b/packages/@aws-cdk/aws-elasticsearch/test/domain.test.ts @@ -1489,6 +1489,7 @@ describe('custom error responses', () => { dataNodeInstanceType: 'r6gd.large.elasticsearch', }, }); + // both configurations pass synth-time validation expect(stack).toCountResources('AWS::Elasticsearch::Domain', 2); }); From 99391344a539b2b3c43c852608e6893746da04c3 Mon Sep 17 00:00:00 2001 From: kaizen3031593 <36202692+kaizen3031593@users.noreply.github.com> Date: Fri, 19 Nov 2021 17:13:21 -0500 Subject: [PATCH 5/5] Update packages/@aws-cdk/aws-opensearchservice/test/domain.test.ts --- packages/@aws-cdk/aws-opensearchservice/test/domain.test.ts | 1 + 1 file changed, 1 insertion(+) diff --git a/packages/@aws-cdk/aws-opensearchservice/test/domain.test.ts b/packages/@aws-cdk/aws-opensearchservice/test/domain.test.ts index 84e7ba12167fc..de5b5a2573c6a 100644 --- a/packages/@aws-cdk/aws-opensearchservice/test/domain.test.ts +++ b/packages/@aws-cdk/aws-opensearchservice/test/domain.test.ts @@ -1491,6 +1491,7 @@ describe('custom error responses', () => { dataNodeInstanceType: 'r6gd.large.search', }, }); + // both configurations pass synth-time validation expect(stack).toCountResources('AWS::OpenSearchService::Domain', 2); });